Hi, I’m wondering if you can help me. I’m currently working on x509 certification with site-to-site IPSec tunnels. I’ve been following this guide:
Everything works great if I use R1 as the CA. It continues to work fine if I use a 3rd router as the CA to generate certs for R1 and R2. What I can’t get working is adding an intermediary to generate the router certs.
The tunnels consistently fail to build, with the log error message "no trusted RSA public key found for …"
Has anyone had experience of building site-to-site tunnels using certificate chains? I’m probably missing something simple.